On June 27, 2024, a small number of users globally may have noticed that 1.1.1.1 was unreachable or degraded. The root cause was a mix of BGP (Border Gateway Protocol) hijacking and a route leak. https://cfl.re/4cs871s
Thank you for the excellent writeup and for mentioning MANRS and best practices as a long-term remediation tactic.
Incidents could hit enterprises of any size. Prioritizing Incident Response procedures is paramount. No one is infallible!
What's the preventive action taken on this to avoid such situations in the future?
It was really fascinating to find out about the monocle tool for investigating BGP routes (issues). And really concerning that tier 1 providers are still too relaxed about BGP security.
Can a BGP hijack lead to a MITM with DoH, or does 1.1.1.1 have a CA-signed certificate? Don't know much about certificates issued to an IP.
Nice write up as always and thank you for sharing.
Cloudflare just has too many incidents.
Thanks for the update.
Insightful post.
It's fascinating to see how critical BGP security is to maintaining internet stability. Were there any specific measures implemented to prevent such incidents in the future?